389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. The following packages have been upgraded to a later upstream version: 389-ds-base . Security Fix: * 389-ds-base: Read permission check bypass via the deref plugin * 389-ds-base: replication and the Retro Changelog plugin store plaintext password by default * 389-ds-base: DoS via hanging secured connections * 389-ds-base: using dscreate in verbose mode results in information disclosure For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.